<?php

/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

include 'library/init.php';

if (!isset($_SESSION['UserID'])) {
    $pwd = ($_POST['Password']);
    $uname = $_POST['Username'];
    $sql = 'SELECT * FROM user WHERE Username=:Username AND Password=:Password';
    $sth = $db->prepare($sql);
    $sth->bindParam(':Username', $uname);
    $sth->bindParam(':Password', $pwd);
    $sth->execute();    
    if ($row = $sth->fetch())   {
        if($row['Blocked'] == 1)
            header('Location: login.php?id=Banned');
        else
        $user->dologin($uname, $row['UserID'], $row['Admin']);
    }
    else {
        header('Location: login.php?id=Ukjent brukernavn/passord');
    }
} else {
    $user->logout();
    header('Location: index.php');
}
?>
